it.tektonik.ca
Issued by R3
About this certificate
This digital certificate with serial number 04:61:07:ad:d4:f0:2e:c4:e4:31:4a:a9:66:a8:a8:55:bb:a7 was issued on by Let's Encrypt.
With 13 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=it.tektonik.ca
Let's Encrypt
Organization:
Let's Encrypt
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 04:61:07:ad:d4:f0:2e:c4:e4:31:4a:a9:66:a8:a8:55:bb:a7Serial Number (int): 381466740500599107793831823094041797835687
Serial Number lenght: 139 bits, 18 octets
SubjectKeyId: 58:0b:29:53:03:89:60:b7:0f:63:d5:a9:ef:43:1b:76:00:ee:56:be
AuthorityKeyId: 14:2e:b3:17:b7:58:56:cb:ae:50:09:40:e6:1f:af:9d:8b:14:c2:c6
Fingerprint (sha1): 79:0a:a0:ed:24:24:94:2f:a6:f9:0b:5a:30:37:27:d2:88:1e:5f:f3
Fingerprint (sha256): 52:5c:de:e6:88:60:48:1f:c9:bf:0b:bd:74:02:ea:fb:3e:bf:20:69:3a:b1:71:5a:f5:ea:53:6d:8c:a9:0b:f0
Issuing Certificate URL: http://r3.i.lencr.org/
Revocation information
OCSP Server: http://r3.o.lencr.orgCheck the revocation status for certificate it.tektonik.ca
13
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for it.tektonik.ca
Public Key Algorithm
RSA
Key Size
4096
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
9 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
it.tektonik.ca
it.tektonik.com
mail.tektonik.ca
mail.tektonik.com
medibotique.tektonik.com
pop.tektonik.com
smtp.tektonik.com
tektonik.ca
tektonik.com
ti.tektonik.ca
ti.tektonik.com
www.tektonik.ca
www.tektonik.com
it.tektonik.com
mail.tektonik.ca
mail.tektonik.com
medibotique.tektonik.com
pop.tektonik.com
smtp.tektonik.com
tektonik.ca
tektonik.com
ti.tektonik.ca
ti.tektonik.com
www.tektonik.ca
www.tektonik.com
Other certificates including the domain name tektonik.ca
(limited to 100 certificates)
tektonik.com
it.tektonik.ca
tektonik.com
tektonik.com
tektonik.com
it.tektonik.ca
it.tektonik.ca
it.tektonik.ca
tektonik.com
tektonik.com
it.tektonik.ca
tektonik.com
tektonik.com
it.tektonik.ca
tektonik.com
tektonik.ca
tektonik.com
tektonik.ca
tektonik.com
tektonik.ca
tektonik.com
tektonik.com
it.tektonik.ca
it.tektonik.ca
it.tektonik.ca
tektonik.com
tektonik.com
tektonik.com
it.tektonik.ca
it.tektonik.ca
it.tektonik.ca
tektonik.com
tektonik.com
it.tektonik.ca
tektonik.com
tektonik.com
it.tektonik.ca
tektonik.com
tektonik.ca
tektonik.com
tektonik.ca
tektonik.com
tektonik.ca
tektonik.com
tektonik.com
it.tektonik.ca
it.tektonik.ca
Certificate
The complete raw certificate details for it.tektonik.ca in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGwDCCBaigAwIBAgISBGEHrdTwLsTkMUqpZqioVbunMA0GCSqGSIb3DQEBCwUA MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD EwJSMzAeFw0yMzEwMTUwMzE0MDJaFw0yNDAxMTMwMzE0MDFaMBkxFzAVBgNVBAMT Dml0LnRla3RvbmlrLmNhMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA mHZa7GeYXPWT7Yg4B4yRPLFT9mg8EgsN7SP6XwuglVszVOX0YuIU4PLXwvfauzst cl9exZ7xrF/SsCUkaBChMkKNjalxKbCiDsSoYsEl9KbKMi6crMJoLC8IXrGyiUUs uOhwuP2o+K1oeDbrbjTUU8H7K2Gd3t+C8x3i5vzhYwDcfWrbRMZH9GxW3xHd87Zm jRtqszr7/DjKobQYAeVWwlmtVZEX9qJ8vA36Y2yZqf1DAJVrjVM7hXv10119zsTG htR7XR/qYt7f/sSxYot0xyct0/o9t7Bqo3EkX88p86vrqNq+LIyxMYH6q9ItakvA 5cnDZjB8aENqGQdBGgJkepHBa0l6C02lLRRqnLDTn5A9QOvxKWFT3Buwp8mUMxhZ 9mdHGupy4TguyuUXgI9GoPgnqglBZPK0mWvoWn6/p6qv0HJemgPs71LLUXveMdli PgutAb3GuhkX94DNITtAeGRgGXf6W/Ib22K2S9ArDa9SUgSyusopLWUDILgf0TJr 08FjYsGa6LDJZL7QcdSJEE7WpIe7zSd8NGWwy8Fuhp66XabIX+Hi5FekpBx1gS3U eHXTX5t9Inkk3L5qisgJzY/nr24w+GYjGKlr54b8MNmIb0/5z/sR/tDaWmu7T/43 Yc0TjKfZ93He/hlBVVpSsGNqH05Mt4/BP7HvDEHCvRcCAwEAAaOCAucwggLjMA4G A1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYD VR0TAQH/BAIwADAdBgNVHQ4EFgQUWAspUwOJYLcPY9Wp70MbdgDuVr4wHwYDVR0j BBgwFoAUFC6zF7dYVsuuUAlA5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsG AQUFBzABhhVodHRwOi8vcjMuby5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6 Ly9yMy5pLmxlbmNyLm9yZy8wge8GA1UdEQSB5zCB5IIOaXQudGVrdG9uaWsuY2GC D2l0LnRla3RvbmlrLmNvbYIQbWFpbC50ZWt0b25pay5jYYIRbWFpbC50ZWt0b25p ay5jb22CGG1lZGlib3RpcXVlLnRla3RvbmlrLmNvbYIQcG9wLnRla3RvbmlrLmNv bYIRc210cC50ZWt0b25pay5jb22CC3Rla3RvbmlrLmNhggx0ZWt0b25pay5jb22C DnRpLnRla3RvbmlrLmNhgg90aS50ZWt0b25pay5jb22CD3d3dy50ZWt0b25pay5j YYIQd3d3LnRla3RvbmlrLmNvbTATBgNVHSAEDDAKMAgGBmeBDAECATCCAQQGCisG AQQB1nkCBAIEgfUEgfIA8AB3ANq2v2s/tbYin5vCu1xr6HCRcWy7UYSFNL2kPTBI 1/urAAABizGKgI0AAAQDAEgwRgIhAL6riREB4POB2vOkAUEt0KTWXblLS3jzYVfB QeulpNPlAiEAhdTJjWH/Da4wlZXGMMhQ+oKJj7P0gmk4QOwz1FGuaRIAdQA7U3d1 Pi25gE6LMFsG/kA7Z9hPw/THvQANLXJv4frUFwAAAYsxioBxAAAEAwBGMEQCIGyU Qu9hCzd2YbSMWh6+D5Q9lnqAZlDaJXBTPXEe+U7oAiA6s1VQ7AkeWvaLUQ5jFGTJ 6Pud1TPquitURep+fi9igDANBgkqhkiG9w0BAQsFAAOCAQEAlDvxfVssCkhvEBwt TJqZuFTTStWn6R+0Gkqv3H5LTvh7kX4bM1Rvs35g8IIx9a+GeJzJO/hdPxwLIYAI i0oBUYC5fOHDhz5UcQLbKfz2aMWBymyVM0jFdlAGAZlYZqDL5WR65J6iPvye8vAU x/gQA1VdHAEoBe9cEFfIJFAHz2EohIGEhnN7V6ruRK1DWJvSI0MixoHxbOg7Fl4O FoUpdakkU3MShi8aast/lMs/ZucBlcS6rGfMhBypaDHJ4cS7P9SIYr8krrI73Oih XBmmbsY24PdKpiMZ2bHO0MNdfGF4aq9MU2bOZ/8Id6SXcLekUIAl3GRWp7dDvddJ xDOauQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAmHZa7GeYXPWT7Yg4B4yR PLFT9mg8EgsN7SP6XwuglVszVOX0YuIU4PLXwvfauzstcl9exZ7xrF/SsCUkaBCh MkKNjalxKbCiDsSoYsEl9KbKMi6crMJoLC8IXrGyiUUsuOhwuP2o+K1oeDbrbjTU U8H7K2Gd3t+C8x3i5vzhYwDcfWrbRMZH9GxW3xHd87ZmjRtqszr7/DjKobQYAeVW wlmtVZEX9qJ8vA36Y2yZqf1DAJVrjVM7hXv10119zsTGhtR7XR/qYt7f/sSxYot0 xyct0/o9t7Bqo3EkX88p86vrqNq+LIyxMYH6q9ItakvA5cnDZjB8aENqGQdBGgJk epHBa0l6C02lLRRqnLDTn5A9QOvxKWFT3Buwp8mUMxhZ9mdHGupy4TguyuUXgI9G oPgnqglBZPK0mWvoWn6/p6qv0HJemgPs71LLUXveMdliPgutAb3GuhkX94DNITtA eGRgGXf6W/Ib22K2S9ArDa9SUgSyusopLWUDILgf0TJr08FjYsGa6LDJZL7QcdSJ EE7WpIe7zSd8NGWwy8Fuhp66XabIX+Hi5FekpBx1gS3UeHXTX5t9Inkk3L5qisgJ zY/nr24w+GYjGKlr54b8MNmIb0/5z/sR/tDaWmu7T/43Yc0TjKfZ93He/hlBVVpS sGNqH05Mt4/BP7HvDEHCvRcCAwEAAQ== -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 381466740500599107793831823094041797835687 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Let's Encrypt' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'R3' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-15 03:14:02 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-13 03:14:01 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'it.tektonik.ca' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (4208 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 621992019300723006555009357819275080806818791419728633906142319976022140848801021701931282901670384934031001023339502751441059287195541427260628140490217212797913489649365156468118912195807070384793337531630130700260307600105332417493681266596669487283319577969191926560617243197877521780695219117715626761733018227352839120786891701628736444697677716438184073857452512737304561869936993087418632539478231601230499550934449223699320295577173499438792250918136137616454900029976037444712899833924741547269541930949500877647289605930259064649779517331557564564541452249663229816039302019946398328533711692834554439521546245992081823886540479056511580137714445071735841090413333813161071395740086312189707042672180110930038123176261864427692111615038761151197818715269398034123601849812141840532420375456034768222214548988963891772087259206383914600842233571049959205753920430113530763096982145300821877872717853046337020686401338272271831769881448569074377766045126903007674049458989796409848271617459072599050715111305145646278376997473223550889433529662617449767304321844294243976400394179234068974943553914259401397695548774881431351226922490107198749302941856598840255091509964303538641021551417188449052117538639716424234366582039 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 580b2953038960b70f63d5a9ef431b7600ee56be . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 142eb317b75856cbae500940e61faf9d8b14c2c6 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (73 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.o.lencr.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://r3.i.lencr.org/' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (231 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'it.tektonik.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'it.tektonik.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.tektonik.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mail.tektonik.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'medibotique.tektonik.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pop.tektonik.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'smtp.tektonik.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tektonik.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tektonik.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ti.tektonik.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ti.tektonik.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tektonik.ca' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.tektonik.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes) 00f0007700dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018b318a808d0000040300483046022100beab891101e0f381daf3a401412dd0a4d65db94b4b78f36157c141eba5a4d3e502210085d4c98d61ff0dae309595c630c850fa82898fb3f482693840ec33d451ae69120075003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018b318a8071000004030046304402206c9442ef610b377661b48c5a1ebe0f943d967a806650da2570533d711ef94ee802203ab35550ec091e5af68b510e631464c9e8fb9dd533eaba2b5445ea7e7e2f6280 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00943bf17d5b2c0a486f101c2d4c9a99b854d34ad5a7e91fb41a4aafdc7e4b4ef87b917e1b33546fb37e60f08231f5af86789cc93bf85d3f1c0b2180088b4a015180b97ce1c3873e547102db29fcf668c581ca6c953348c576500601995866a0cbe5647ae49ea23efc9ef2f014c7f81003555d1c012805ef5c1057c8245007cf612884818486737b57aaee44ad43589bd2234322c681f16ce83b165e0e16852975a924537312862f1a6acb7f94cb3f66e70195c4baac67cc841ca96831c9e1c4bb3fd48862bf24aeb23bdce8a15c19a66ec636e0f74aa62319d9b1ced0c35d7c61786aaf4c5366ce67ff0877a49770b7a4508025dc6456a7b743bdd749c4339ab9